Set the IncludeExceptionDetailInFaults property to true from an application configuration file or programmatically to enable the flow of managed exception information in a client callback object back to the service for debugging purposes.

Caution

Returning managed exception information to services can be a security risk because exception details expose information about the internal client implementation that could be used by unauthorized services. In addition, although the CallbackDebugBehavior properties can also be set programmatically, it can be easy to forget to disable IncludeExceptionDetailInFaults when deploying.

Because of the security issues involved, it is strongly recommended that: